Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bg/n-acd-update: update n-acd code from upstream #195

Merged
merged 8 commits into from Sep 18, 2018
Merged

bg/n-acd-update: update n-acd code from upstream #195

merged 8 commits into from Sep 18, 2018

Commits on Sep 18, 2018

  1. Squashed 'shared/c-rbtree/' content from commit bf627e0c3 

    git-subtree-dir: shared/c-rbtree
git-subtree-split: bf627e0c32241915108f66ad9738444e4d045b45
    @bengal
    bengal committed Sep 18, 2018
    Copy the full SHA
    4f4e966 View commit details
    Browse the repository at this point in the history

  2. Merge commit '4f4e96655625a0ad8c5fc451c5a3a8dda3bf5456' as 'shared/c-… 

    …rbtree'

Imported c-rbtree code with command:

  git subtree add --prefix shared/c-rbtree git@github.com:c-util/c-rbtree.git bf627e0c32241915108f66ad9738444e4d045b45 --squash

To update the library use:

  git subtree pull --prefix shared/c-rbtree git@github.com:c-util/c-rbtree.git master --squash
    @bengal
    bengal committed Sep 18, 2018
    Copy the full SHA
    ba4452f View commit details
    Browse the repository at this point in the history

  3. Squashed 'shared/n-acd/' changes from a68b55992..a40949267 

    a40949267 build: add CI run without ebpf
044db2056 n-acd: drop redundant headers
6a391cd83 n-acd: fix build without eBPF
bb194cf09 n-acd/config: make transport mandatory
ec2865743 build: drop unused c-sundry
721d9d84f n-acd: inline c_container_of()
1a7ee317c util/timer: fix coding-style
6c96f926b util/timer: fall back to CLOCK_MONOTONIC if necessary
4ea3165fc n-acd: only use CLOCK_BOOTTIME if really necessary
c1b853c6c util/timer: cleanup headers
b1d6ad272 n-acd: add destructors that return void
185be55b6 test-bpf: skip test in case of unsufficient privs
84a40e8fa build: add NEWS file
bf11443ff build: mention mailinglist in readme
e2797984a test-bpf: drop bpf-filter.h
668ed3c82 subprojects: pull in updates
dd8cab3f0 test-veth: reduce parallel execution to 9
68b09ba2b build: update AUTHORS
3f77e3e88 test: make function headers valid C
5275a5120 test: get rid of spurious tab
037df412c n-acd: make struct initializers valid C
346ec0c67 build: upgrade CI
38682a36d n-acd: fix signed vs unsigned comparison
5e7578b33 bpf: properly zero out trailing bpf_attr space
ee1e432ae probe: fix coding-style
a143540f9 build: use lower-case build options
835533e7d build: minor style fixes
2bd6d1d29 build: get rid of tabs
b14979934 eBPF: make compile-time optional
6f13c27ee n-acd: filter out invalid packets
4e6a169a0 build: sync with c-util repositories
6c4a9117b build: document eBPF kernel requirement
3ef08394d n-acd: don't remember dropped defense attempts
4dff8771f n-acd: fix coding-style
b11fb9706 n-acd/config: default to the RFC-specified timeout
d885bb3b7 n-acd/event: don't expose the type of operation that caused a conflict
e2f87e047 TODO: drop remaining items
f06993856 test/veth: reduce the number of probed addresses
8b4f7ed64 test/veth: bump the timeout a bit
14e4606f6 n-acd/probe: don't cap the jitter at 4s
a0247b86f test/veth: fix stackvariable corruption
a64ac8389 n-acd/probe: update comments
aa9c25bc1 n-acd/handle_timeout: update comments
b6c2df3a9 timer: rename timer_pop() to timer_pop_timeout()
47c657a8d test: fix handling of child addresses
27168ba9e timer: move timer_read() from n-acd.c to util/timer.c
21a1e37aa timer: require timer to be explicitly rearmed
ee1080820 bpf/map: make key/value sizes self-documenting
fd444353e test/veth: rework test
ba2bc433c test: rework child_ip() helper
07881b8da test: silence a warning
38da00b0a test/bpf: make tests for map modifications more comprehensive
6a2ffd23a test/timerfd: for documentation purposes verify the kernel API
01a9cf54b probe: move from ms to ns internally
4fe438dd9 n-acd: move to use the Timer utility library
e098cfc79 util: add a timer utility helper
8ea196e5b subprojects: pull in c-sundry
0c0b3c29f acd/probe: do not subscribe to packets in FAILED state
9c922ea3d acd/probe: introduce probe_{un,}link() helpers
024a830e6 acd/probe: use unschedule() helper in free()
b098a3bcc tests/veth: minor fixes to the test
fe3d9578a acd/packet: consider unexpected packets a fatal error
34d7656d7 acd: stop state-machine after USED or CONFLICT events
7d9e5ec6b acd: don't declare iovec entries inline
7afd8d8a3 tests: add veth test
26a737b42 tests/veth: add helper for adding IP addresses to child device
e73a37a11 probe: store a userdata pointer in the probe object
327e82625 test: introduce loopback helper
0682b15f8 acd: reduce default map size
afead881f tests: reinstate loopback test
4527d2f71 BPF: move and document the eBPF helpers
88bacc022 socket filter: move to the new eBPF helpers
245104d5c tests: skip tests if lacking permissions
195d9ff5a n-acd: rework API to support many probes on a context
ab440eb99 eBPF: never return packets that userspace should unconditionally drop
ac933f412 eBPF: add eBPF helper functions

git-subtree-dir: shared/n-acd
git-subtree-split: a40949267923c45cb232fa4c1d60eafacee4b36e
    @bengal
    bengal committed Sep 18, 2018
    Copy the full SHA
    1361ede View commit details
    Browse the repository at this point in the history

  4. Merge commit '1361ede099f51cc29b478ebee6a736219ad74b97' into bg/n-acd… 

    …-update

git subtree pull --prefix shared/n-acd git@github.com:nettools/n-acd.git master --squash
    @bengal
    bengal committed Sep 18, 2018
    Copy the full SHA
    d0c32a1 View commit details
    Browse the repository at this point in the history

  5. build: don't change CFLAGS from configure.ac 

    If configure.ac automatically adds compiler flags to CFLAGS, it
becomes hard to override one of them for a specific target because
CFLAGS is added last. It is better to use AM_CFLAGS. See [1].

[1] https://www.gnu.org/software/automake/manual/html_node/Flag-Variables-Ordering.html
    @bengal
    bengal committed Sep 18, 2018
    Copy the full SHA
    51776b2 View commit details
    Browse the repository at this point in the history

  6. build: compile the c-rbtree library

    @bengal
    bengal committed Sep 18, 2018
    Copy the full SHA
    88072c6 View commit details
    Browse the repository at this point in the history

  7. acd: adapt NM code and build options 

    Adapt the nm-acd-manager.c code to the new API and also tweak build
options to the new project structure.
    @bengal
    bengal committed Sep 18, 2018
    Copy the full SHA
    d9a4b59 View commit details
    Browse the repository at this point in the history

  8. build: allow disabling eBPF support in n-acd 

    Add a configure option to disable eBPF support in n-acd.

Note that, even if eBPF is not supported, n-acd requires a kernel >
3.19, which means that the setsockopt(..., SO_ATTACH_BPF) option must
be defined. To allow building on older kernels without modifying the
n-acd code, we inject the SO_ATTACH_BPF value as a preprocessor define
in the compiler the command line.
    @bengal
    bengal committed Sep 18, 2018
    Copy the full SHA
    691c71a View commit details
    Browse the repository at this point in the history